Bill Toulas reports: According to a report by security researcher Jeremiah Fowler, the Washington-based non-profit organization named “Leadership for Educational Equity” (LEE) has left an unprotected Elasticsearch database that contained a total of 5.2 million documents. Not having set up a password, anyone could access the database, so the researcher repeatedly tried to notify the…
Category: Exposure
Anger after confidential medical records found dumped in shed
Lewis Clarke reports: Medical records and personal information regarding dozens of patients has been dumped in a shed in Tiverton. The details of patients at the former Post Hill care home include names, photos, eating habits, behaviour details, addresses of next of kin. Currently the site is in development by Barratt Wilson Homes. Read more…
Two more leaks expose Indian citizens’ personal and medical information
This week, DataBreaches.net learned that a civil court in Bengaluru had issued a preliminary junction prohibiting this site from publishing anything about a data security incident involving 1to1Help.net. This site received notice of the injunction five days after the article appeared. At the same time, I learned that 1to1Help.net had filed a criminal complaint against…
FI: Tax authority estimates 27,000 customers affected by mix-up
Yle reports: An error by the Finnish tax authority Vero, in which approximately 27,000 customers received letters containing information relating to other individuals, has created a serious data protection situation, according to the Assistant Data Protection Commissioner Jari Råman. “It is always a serious situation when personal information goes to the wrong place. Especially if…
“Privacy Train Wreck:” Group dating app 3fun exposed sensitive data on 1.5 million users
Zack Whittaker reports: More than 1.5 million users of a group dating service had their personal data exposed — including their real-time location — because of a vulnerability in the app. The app, 3fun, bills itself as a “private space” where you can meet “local kinky, open-minded people.” But the data wasn’t private at all….
1to1Help.net gets injunction against DataBreaches.net; Seeks criminal charges against blogger
From the you-really-should-have-read-my-About-page dept: In today’s episode of “Shoot the Messenger,” a company in India that apparently didn’t want me reporting on their data leak got a court there to issue an injunction barring me from publishing. They also filed a criminal complaint against me and this blog based on what appears to be a…